Bitcoin Paper Wallet Generator - Secure Offline Cold ...

Ultimate glossary of crypto currency terms, acronyms and abbreviations

I thought it would be really cool to have an ultimate guide for those new to crypto currencies and the terms used. I made this mostly for beginner’s and veterans alike. I’m not sure how much use you will get out of this. Stuff gets lost on Reddit quite easily so I hope this finds its way to you. Included in this list, I have included most of the terms used in crypto-communities. I have compiled this list from a multitude of sources. The list is in alphabetical order and may include some words/terms not exclusive to the crypto world but may be helpful regardless.
2FA
Two factor authentication. I highly advise that you use it.
51% Attack:
A situation where a single malicious individual or group gains control of more than half of a cryptocurrency network’s computing power. Theoretically, it could allow perpetrators to manipulate the system and spend the same coin multiple times, stop other users from completing blocks and make conflicting transactions to a chain that could harm the network.
Address (or Addy):
A unique string of numbers and letters (both upper and lower case) used to send, receive or store cryptocurrency on the network. It is also the public key in a pair of keys needed to sign a digital transaction. Addresses can be shared publicly as a text or in the form of a scannable QR code. They differ between cryptocurrencies. You can’t send Bitcoin to an Ethereum address, for example.
Altcoin (alternative coin): Any digital currency other than Bitcoin. These other currencies are alternatives to Bitcoin regarding features and functionalities (e.g. faster confirmation time, lower price, improved mining algorithm, higher total coin supply). There are hundreds of altcoins, including Ether, Ripple, Litecoin and many many others.
AIRDROP:
An event where the investors/participants are able to receive free tokens or coins into their digital wallet.
AML: Defines Anti-Money Laundering laws**.**
ARBITRAGE:
Getting risk-free profits by trading (simultaneous buying and selling of the cryptocurrency) on two different exchanges which have different prices for the same asset.
Ashdraked:
Being Ashdraked is essentially a more detailed version of being Zhoutonged. It is when you lose all of your invested capital, but you do so specifically by shorting Bitcoin. The expression “Ashdraked” comes from a story of a Romanian cryptocurrency investor who insisted upon shorting BTC, as he had done so successfully in the past. When the price of BTC rose from USD 300 to USD 500, the Romanian investor lost all of his money.
ATH (All Time High):
The highest price ever achieved by a cryptocurrency in its entire history. Alternatively, ATL is all time low
Bearish:
A tendency of prices to fall; a pessimistic expectation that the value of a coin is going to drop.
Bear trap:
A manipulation of a stock or commodity by investors.
Bitcoin:
The very first, and the highest ever valued, mass-market open source and decentralized cryptocurrency and digital payment system that runs on a worldwide peer to peer network. It operates independently of any centralized authorities
Bitconnect:
One of the biggest scams in the crypto world. it was made popular in the meme world by screaming idiot Carlos Matos, who infamously proclaimed," hey hey heeeey” and “what's a what's a what's up wasssssssssuuuuuuuuuuuuup, BitConneeeeeeeeeeeeeeeeeeeeeeeect!”. He is now in the mentally ill meme hall of fame.
Block:
A package of permanently recorded data about transactions occurring every time period (typically about 10 minutes) on the blockchain network. Once a record has been completed and verified, it goes into a blockchain and gives way to the next block. Each block also contains a complex mathematical puzzle with a unique answer, without which new blocks can’t be added to the chain.
Blockchain:
An unchangeable digital record of all transactions ever made in a particular cryptocurrency and shared across thousands of computers worldwide. It has no central authority governing it. Records, or blocks, are chained to each other using a cryptographic signature. They are stored publicly and chronologically, from the genesis block to the latest block, hence the term blockchain. Anyone can have access to the database and yet it remains incredibly difficult to hack.
Bullish:
A tendency of prices to rise; an optimistic expectation that a specific cryptocurrency will do well and its value is going to increase.
BTFD:
Buy the fucking dip. This advise was bestowed upon us by the gods themselves. It is the iron code to crypto enthusiasts.
Bull market:
A market that Cryptos are going up.
Consensus:
An agreement among blockchain participants on the validity of data. Consensus is reached when the majority of nodes on the network verify that the transaction is 100% valid.
Crypto bubble:
The instability of cryptocurrencies in terms of price value
Cryptocurrency:
A type of digital currency, secured by strong computer code (cryptography), that operates independently of any middlemen or central authoritie
Cryptography:
The art of converting sensitive data into a format unreadable for unauthorized users, which when decoded would result in a meaningful statement.
Cryptojacking:
The use of someone else’s device and profiting from its computational power to mine cryptocurrency without their knowledge and consent.
Crypto-Valhalla:
When HODLers(holders) eventually cash out they go to a place called crypto-Valhalla. The strong will be separated from the weak and the strong will then be given lambos.
DAO:
Decentralized Autonomous Organizations. It defines A blockchain technology inspired organization or corporation that exists and operates without human intervention.
Dapp (decentralized application):
An open-source application that runs and stores its data on a blockchain network (instead of a central server) to prevent a single failure point. This software is not controlled by the single body – information comes from people providing other people with data or computing power.
Decentralized:
A system with no fundamental control authority that governs the network. Instead, it is jointly managed by all users to the system.
Desktop wallet:
A wallet that stores the private keys on your computer, which allow the spending and management of your bitcoins.
DILDO:
Long red or green candles. This is a crypto signal that tells you that it is not favorable to trade at the moment. Found on candlestick charts.
Digital Signature:
An encrypted digital code attached to an electronic document to prove that the sender is who they say they are and confirm that a transaction is valid and should be accepted by the network.
Double Spending:
An attack on the blockchain where a malicious user manipulates the network by sending digital money to two different recipients at exactly the same time.
DYOR:
Means do your own research.
Encryption:
Converting data into code to protect it from unauthorized access, so that only the intended recipient(s) can decode it.
Eskrow:
the practice of having a third party act as an intermediary in a transaction. This third party holds the funds on and sends them off when the transaction is completed.
Ethereum:
Ethereum is an open source, public, blockchain-based platform that runs smart contracts and allows you to build dapps on it. Ethereum is fueled by the cryptocurrency Ether.
Exchange:
A platform (centralized or decentralized) for exchanging (trading) different forms of cryptocurrencies. These exchanges allow you to exchange cryptos for local currency. Some popular exchanges are Coinbase, Bittrex, Kraken and more.
Faucet:
A website which gives away free cryptocurrencies.
Fiat money:
Fiat currency is legal tender whose value is backed by the government that issued it, such as the US dollar or UK pound.
Fork:
A split in the blockchain, resulting in two separate branches, an original and a new alternate version of the cryptocurrency. As a single blockchain forks into two, they will both run simultaneously on different parts of the network. For example, Bitcoin Cash is a Bitcoin fork.
FOMO:
Fear of missing out.
Frictionless:
A system is frictionless when there are zero transaction costs or trading retraints.
FUD:
Fear, Uncertainty and Doubt regarding the crypto market.
Gas:
A fee paid to run transactions, dapps and smart contracts on Ethereum.
Halving:
A 50% decrease in block reward after the mining of a pre-specified number of blocks. Every 4 years, the “reward” for successfully mining a block of bitcoin is reduced by half. This is referred to as “Halving”.
Hardware wallet:
Physical wallet devices that can securely store cryptocurrency maximally. Some examples are Ledger Nano S**,** Digital Bitbox and more**.**
Hash:
The process that takes input data of varying sizes, performs an operation on it and converts it into a fixed size output. It cannot be reversed.
Hashing:
The process by which you mine bitcoin or similar cryptocurrency, by trying to solve the mathematical problem within it, using cryptographic hash functions.
HODL:
A Bitcoin enthusiast once accidentally misspelled the word HOLD and it is now part of the bitcoin legend. It can also mean hold on for dear life.
ICO (Initial Coin Offering):
A blockchain-based fundraising mechanism, or a public crowd sale of a new digital coin, used to raise capital from supporters for an early stage crypto venture. Beware of these as there have been quite a few scams in the past.
John mcAfee:
A man who will one day eat his balls on live television for falsely predicting bitcoin going to 100k. He has also become a small meme within the crypto community for his outlandish claims.
JOMO:
Joy of missing out. For those who are so depressed about missing out their sadness becomes joy.
KYC:
Know your customer(alternatively consumer).
Lambo:
This stands for Lamborghini. A small meme within the investing community where the moment someone gets rich they spend their earnings on a lambo. One day we will all have lambos in crypto-valhalla.
Ledger:
Away from Blockchain, it is a book of financial transactions and balances. In the world of crypto, the blockchain functions as a ledger. A digital currency’s ledger records all transactions which took place on a certain block chain network.
Leverage:
Trading with borrowed capital (margin) in order to increase the potential return of an investment.
Liquidity:
The availability of an asset to be bought and sold easily, without affecting its market price.
of the coins.
Margin trading:
The trading of assets or securities bought with borrowed money.
Market cap/MCAP:
A short-term for Market Capitalization. Market Capitalization refers to the market value of a particular cryptocurrency. It is computed by multiplying the Price of an individual unit of coins by the total circulating supply.
Miner:
A computer participating in any cryptocurrency network performing proof of work. This is usually done to receive block rewards.
Mining:
The act of solving a complex math equation to validate a blockchain transaction using computer processing power and specialized hardware.
Mining contract:
A method of investing in bitcoin mining hardware, allowing anyone to rent out a pre-specified amount of hashing power, for an agreed amount of time. The mining service takes care of hardware maintenance, hosting and electricity costs, making it simpler for investors.
Mining rig:
A computer specially designed for mining cryptocurrencies.
Mooning:
A situation the price of a coin rapidly increases in value. Can also be used as: “I hope bitcoin goes to the moon”
Node:
Any computing device that connects to the blockchain network.
Open source:
The practice of sharing the source code for a piece of computer software, allowing it to be distributed and altered by anyone.
OTC:
Over the counter. Trading is done directly between parties.
P2P (Peer to Peer):
A type of network connection where participants interact directly with each other rather than through a centralized third party. The system allows the exchange of resources from A to B, without having to go through a separate server.
Paper wallet:
A form of “cold storage” where the private keys are printed onto a piece of paper and stored offline. Considered as one of the safest crypto wallets, the truth is that it majors in sweeping coins from your wallets.
Pre mining:
The mining of a cryptocurrency by its developers before it is released to the public.
Proof of stake (POS):
A consensus distribution algorithm which essentially rewards you based upon the amount of the coin that you own. In other words, more investment in the coin will leads to more gain when you mine with this protocol In Proof of Stake, the resource held by the “miner” is their stake in the currency.
PROOF OF WORK (POW) :
The competition of computers competing to solve a tough crypto math problem. The first computer that does this is allowed to create new blocks and record information.” The miner is then usually rewarded via transaction fees.
Protocol:
A standardized set of rules for formatting and processing data.
Public key / private key:
A cryptographic code that allows a user to receive cryptocurrencies into an account. The public key is made available to everyone via a publicly accessible directory, and the private key remains confidential to its respective owner. Because the key pair is mathematically related, whatever is encrypted with a public key may only be decrypted by its corresponding private key.
Pump and dump:
Massive buying and selling activity of cryptocurrencies (sometimes organized and to one’s benefit) which essentially result in a phenomenon where the significant surge in the value of coin followed by a huge crash take place in a short time frame.
Recovery phrase:
A set of phrases you are given whereby you can regain or access your wallet should you lose the private key to your wallets — paper, mobile, desktop, and hardware wallet. These phrases are some random 12–24 words. A recovery Phrase can also be called as Recovery seed, Seed Key, Recovery Key, or Seed Phrase.
REKT:
Referring to the word “wrecked”. It defines a situation whereby an investor or trader who has been ruined utterly following the massive losses suffered in crypto industry.
Ripple:
An alternative payment network to Bitcoin based on similar cryptography. The ripple network uses XRP as currency and is capable of sending any asset type.
ROI:
Return on investment.
Safu:
A crypto term for safe popularized by the Bizonnaci YouTube channel after the CEO of Binance tweeted
“Funds are safe."
“the exchage I use got hacked!”“Oh no, are your funds safu?”
“My coins better be safu!”


Sats/Satoshi:
The smallest fraction of a bitcoin is called a “satoshi” or “sat”. It represents one hundred-millionth of a bitcoin and is named after Satoshi Nakamoto.
Satoshi Nakamoto:
This was the pseudonym for the mysterious creator of Bitcoin.
Scalability:
The ability of a cryptocurrency to contain the massive use of its Blockchain.
Sharding:
A scaling solution for the Blockchain. It is generally a method that allows nodes to have partial copies of the complete blockchain in order to increase overall network performance and consensus speeds.
Shitcoin:
Coin with little potential or future prospects.
Shill:
Spreading buzz by heavily promoting a particular coin in the community to create awareness.
Short position:
Selling of a specific cryptocurrency with an expectation that it will drop in value.
Silk road:
The online marketplace where drugs and other illicit items were traded for Bitcoin. This marketplace is using accessed through “TOR”, and VPNs. In October 2013, a Silk Road was shut down in by the FBI.
Smart Contract:
Certain computational benchmarks or barriers that have to be met in turn for money or data to be deposited or even be used to verify things such as land rights.
Software Wallet:
A crypto wallet that exists purely as software files on a computer. Usually, software wallets can be generated for free from a variety of sources.
Solidity:
A contract-oriented coding language for implementing smart contracts on Ethereum. Its syntax is similar to that of JavaScript.
Stable coin:
A cryptocoin with an extremely low volatility that can be used to trade against the overall market.
Staking:
Staking is the process of actively participating in transaction validation (similar to mining) on a proof-of-stake (PoS) blockchain. On these blockchains, anyone with a minimum-required balance of a specific cryptocurrency can validate transactions and earn Staking rewards.
Surge:
When a crypto currency appreciates or goes up in price.
Tank:
The opposite of mooning. When a coin tanks it can also be described as crashing.
Tendies
For traders , the chief prize is “tendies” (chicken tenders, the treat an overgrown man-child receives for being a “Good Boy”) .
Token:
A unit of value that represents a digital asset built on a blockchain system. A token is usually considered as a “coin” of a cryptocurrency, but it really has a wider functionality.
TOR: “The Onion Router” is a free web browser designed to protect users’ anonymity and resist censorship. Tor is usually used surfing the web anonymously and access sites on the “Darkweb”.
Transaction fee:
An amount of money users are charged from their transaction when sending cryptocurrencies.
Volatility:
A measure of fluctuations in the price of a financial instrument over time. High volatility in bitcoin is seen as risky since its shifting value discourages people from spending or accepting it.
Wallet:
A file that stores all your private keys and communicates with the blockchain to perform transactions. It allows you to send and receive bitcoins securely as well as view your balance and transaction history.
Whale:
An investor that holds a tremendous amount of cryptocurrency. Their extraordinary large holdings allow them to control prices and manipulate the market.
Whitepaper:

A comprehensive report or guide made to understand an issue or help decision making. It is also seen as a technical write up that most cryptocurrencies provide to take a deep look into the structure and plan of the cryptocurrency/Blockchain project. Satoshi Nakamoto was the first to release a whitepaper on Bitcoin, titled “Bitcoin: A Peer-to-Peer Electronic Cash System” in late 2008.
And with that I finally complete my odyssey. I sincerely hope that this helped you and if you are new, I welcome you to crypto. If you read all of that I hope it increased, you in knowledge.
my final definition:
Crypto-Family:
A collection of all the HODLers and crypto fanatics. A place where all people alike unite over a love for crypto.
We are all in this together as we pioneer the new world that is crypto currency. I wish you a great day and Happy HODLing.
-u/flacciduck
feel free to comment words or terms that you feel should be included or about any errors I made.
Edit1:some fixes were made and added words.
submitted by flacciduck to CryptoCurrency [link] [comments]

The Blackmail Email Scam (part 6)

IF YOU RECEIVE A BLACKMAIL EMAIL, PLEASE REDACT THE PERSONAL INFORMATION AND POST IT AS A COMMENT ON THIS THREAD SO THAT OTHERS WHO RECEIVE THE SAME EMAIL CAN FIND IT THROUGH GOOGLE.

BLACKMAIL EMAIL SCAMS ARE ALSO SENT VIA SMS (TEXT) AND PHYSICAL MAIL. REGARDLESS OF THE METHOD, THEY ARE SPAM AND THE POST BELOW GIVES YOU INFORMATION AND ADVICE ABOUT WHAT TO DO.

FIRST THREAD: https://reddit.com/Scams/comments/8gsjba/the_blackmail_email_scam/

SECOND THREAD: https://reddit.com/Scams/comments/9srjen/the_blackmail_email_scam_part_2/

THIRD THREAD: https://reddit.com/Scams/comments/biv65o/the_blackmail_email_scam_part_3/

FOURTH THREAD: https://reddit.com/Scams/comments/dohaea/the_blackmail_email_scam_part_4/

FIFTH THREAD: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/

There have been many recent posts about the blackmail email scam, so I have written this post and will keep it stickied until the posts about the scam die down. Blackmail email scams have that name because they started as an email spam campaign, however there have also been reports of these scams being sent via SMS and physical mail. If you are reading this because you have received one of these emails and you are worried, you can stop worrying. The blackmail email scam is a spam campaign that is sent out to thousands of addresses at a time. The threats are lies and you do not have anything to worry about. In many cases, the emails will contain some sort of privileged information about you such as your name, part or all of your phone number, and your password. The emails may also look like they were sent from your own email address. The data is gathered from data breaches, and if the email looks like it came from your account that is due to email spoofing. You can use the service Have I Been Pwned? to see if you are in any publicly known data breaches. If you receive an email that contains a password that you currently use, you should immediately change that. Current recommended password guidelines say that you should use a different, complex password for every account. You can generate and save passwords using a password manager for convenience. You should also be using two factor authentication using an app like Google Authenticator instead of receiving codes through SMS.
Here are some news articles about this scam. Here is a story from Brian Krebs, and here is a story from the New York Times.
Below are a few examples, but if you receive an email that is similar but not the same as the examples you see, that does not matter and does not mean that the email is real. The spammers constantly switch up their templates in order to bypass spam filters, so it's normal to receive an email that hasn't yet been posted online.

EXAMPLES

Hey, some time ago your computer was infected with my private malware, RAT (Remote Administration Tool).
I know at the time of infection your passwords was: xxxxxxxxxxx
My malware gave me full access to all your accounts, contacts and it also was possible to spy on you over your webcam.
Sometimes when I was bored I was spying on you, then once you started to SATISFYING YOURSELF!
At first I didn't knew how to react as I was shocked, then I decided to record you, I checked on google and found the software: Bandicam and it did the job.
After that I removed my malware to not leave any traces and this email was sent from some hacked account.
I can send the video of you to all your friends, contacts and publish it on social networks and the whole web.
You can stop me and only I can help you out in this situation.
Pay exactly 740$ in Bitcoin (BTC).
It's easy to buy Bitcoin (BTC), for example here: https://paxful.com/buy-bitcoin , https://www.buybitcoinworldwide.com/ , https://www.kraken.com/ , or google another exchanger.
My Bitcoin (BTC) wallet is: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Yes that's how the wallet looks like, copy and paste it, it's (cAsE-sEnSEtiVE)
I give you 3 days time to pay.
As I got access to this email account, I will know if this email has already been read, so the time is running.
After receiving the payment, I will remove the video and you can life your live in peace like before.
Learn from the mistake and update your browser before browsing the web next time!
I know XXXX is one of your password on day of hack..
Lets get directly to the point.
Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email?
in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean).
When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam.
immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account.
after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1004.
We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video.
My -BTC -address: 1GohL1jDz8BapZhohN2Xry6AKPq6PiJrjw [case SeNSiTiVe, copy & paste it]
You could go on your life like this never happened and you will not ever hear back again from me. You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google).
if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too.
I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid.
if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on.
Nevertheless, if i do get paid, i will destroy the recording immediately.
If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message.
I know xxxxxxxxxxxx is one of your password on day of hack.. Lets get directly to the point.
Not one person has paid me to check about you.
You do not know me and you're probably thinking why you are getting this email?
in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean).
When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam.
immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account. after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you.
Best solution would be to pay me $1013.
We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video.
My -BTC -address: 1KzA7GYSyvXCmPpojZ4qTbZGmjjbbSfwBg
[case SeNSiTiVe, copy & paste it]
You could go on your life like this never happened and you will not ever hear back again from me.
You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google). if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid.
if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately. If you need proof, reply with Yeah then i will send out your video recording to your 8 friends. it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message.
Lets get directly to the point.
Not one person has paid me to check about you. You do not know me and you're probably thinking why you are getting this email? in fact, i actually placed a malware on the adult vids (adult porn) website and you know what, you visited this site to experience fun (you know what i mean).
When you were viewing videos, your browser started out operating as a RDP having a key logger which provided me with accessibility to your display and web cam.
immediately after that, my malware obtained every one of your contacts from your Messenger, FB, as well as email account.
after that i created a double-screen video. 1st part shows the video you were viewing (you have a nice taste omg), and 2nd part displays the recording of your cam, and its you. Best solution would be to pay me $1002.
We are going to refer to it as a donation. in this situation, i most certainly will without delay remove your video.
My -BTC -address: 1JXvEapcRCvywymcrYZ1rcCfLfNZKri4LP [case SeNSiTiVe, copy & paste it]
You could go on your life like this never happened and you will not ever hear back again from me.
You'll make the payment via Bitcoin (if you do not know this, search 'how to buy bitcoin' in Google).
if you are planning on going to the law, surely, this e-mail can not be traced back to me, because it's hacked too. I have taken care of my actions. i am not looking to ask you for a lot, i simply want to be paid.
if i do not receive the bitcoin;, i definitely will send out your video recording to all of your contacts including friends and family, co-workers, and so on. Nevertheless, if i do get paid, i will destroy the recording immediately.
If you need proof, reply with Yeah then i will send out your video recording to your 8 friends.
it's a nonnegotiable offer and thus please don't waste mine time & yours by replying to this message.
Hello!
I'm the software engineer who hacked into your device's OS.
I've been observing you for months now. The thing is, you've been infected with malware through the adult website you visited.
In case you're not familiar with it, I'll explain. The Trojan infection gives me full access and control over your computer or any other device on your local. It means that I can see everything on your screen, turn on my camera and microphone, but you do not know about it.
I also have access to all your contacts, social networking data and all your correspondence.
Why didn't your antivirus detect any malware? A: My malware uses a driver, I update its signatures every 4 hours to keep your antivirus silent.
I have made a video showing how you satisfy yourself on the left side of the screen, and on the right side you see the video you have been watching. With one click, I can send this video to all your contacts in the email and social networks. I can also publish access to all your emails and messaging apps that you use.
If you want to prevent this, at that point: Transfer $400(USD) to my bitcoin wallet (if you do not know how to do it, then type in to Google: "Purchase a bitcoin").
My Bitcoin Wallet:1EGBGBptS9yKNPYYU9qUEoPNLptee8CEq9
After getting the payment, I will destroy the video and you won't hear from me again. I will provide you 50 hours (more than two days) to pay. I have a notice that you read this email and the timer started you opened it.
Don't attempt to answer me. It doesn't make any sense (the sender's address is generated by random). Filing a complaint somewhere doesn't make sense, because this email cannot be tracked, and neither can my bitcoin address. I don't make mistakes.
If I find that you shared this message with someone else, the video will be distributed immediately. Good luck with that.
And here are some common keywords used in the email so that this thread can be found by people Googling the email:
"Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, .br, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material""Marlware, international hacker group, No‌ p‌erso‌n has co‌mp‌ensat‌ed, very o‌wn vid‌eo‌ cli‌p, software on the adult, porno sitio, one of your pass word, specific pixel, sexual content web portal, a malware on the adult, a malware on the, double-screen, is a reasonable price tag for our little secret, you have a good taste lmao, I placed a malware on the adult vids, your browser began operating as a RDP, had been abusing yourself in front of computer display, you are one of those people that downloaded the malicious, I made a split-screen video, While you were watching the video, your web browser acted as, malware on the porn website and guess what, an unique pixel, you jerked off while watching an online video, When you pressed the play button the virus begins saving all the things thru, ja.scr, My malicious soft started your front cam, and also send the video link to all of yourfriends, I infected your gadget with a malware and now, AnywaysI downloaded all contacts, my program quickly got into your system, To a time where you jerk off watching","For the present moment I have at my disposal all, When you arouse sexually watching porno, In such a way all needed compromising material and contact, All information to yours SNSs user accounts, You watched sexual content portal and toss","Hello! WannaCry is back! All your, in front of the screen browsing adult stuff, As you flog the dummy watching, U are going to be offered 5 days after checking this notice, RAT 68006, the damnific malware, pastime and entertainment there, not my single victim, beat the dummy, buff the muffin, choke a chicken, front camera capturing video, with you frigging, with you chaturbating, with you masturbating, web digicam, U are going to have 5 dayss, i utilize just hacked wi, pressured this trojan to, glue a pair of videos, glue two videos, the RAT, if you want me to destroy this whole video, downloaded all contacts from your computer, your list of contacts or relatives will, I made a video that shows how you masturbate, hacked you through a virus in an ad on a porn website, my illiteracy, nоt mind on my illiterаcy, I рilfered all рrivy bаckground, videоtaре with yоur masturbаtion, my delеtеrious soft, cаmеra shооt the videоtaрe, you sеlf-аbusing, Differently I will send the video to all your colleagues and friends, your front-camera made the videotape with you self-abusing, RAT 98390 malware, the minute you went to one adult page, information to contact info I discovered on your devices and remember there is a lot of these, not including Double VPN As a result, I forced my malware to hook up to a mic, web camera and catch the video from it, poisoned a number of adult sites, video clip to fit on a single tv screen, This letter has invisible monitoring program inside and i will be aware of when you are going to check, doing ur stuff and a clip u jerked to, the investigation will last, I uploaded our malicious program on your device, furthermore malware saved exactly the video you chose, its a record with your wanking, friends will see u taking proper care of yourself, Your system is controlled by the malicious program, If you were more careful while playing with yourself, that whacking off to adult web-sites is, adult website which was poisoned with my malware, nor i think that jerking off to porn sites is really a gross thing, so I dgf lmao, proof just reply to this email with, if you want me to destroy all this compromising evidence, will send your video to 5 contacts, amount in Usd that can cope with this scenario, You are welcome to contact your local authorities, If you want proof, reply with, i pride myself in being apart of an internet group, so i dgf, I take good care of my being anonymous, information related to the RAT virus, been able get in to all ur units, to all of your contacts including, search engines like goo, case sensitive, so copy,, and at this moment I, It is a non-nego, don't waste my perso, thi s mes, back while visiting, showe ring, what should you do ?, porno webpage, this embarrassing situation, navigated to the page, bare-assed, on well-known websites and publications, I got an order from someone to kill you and your family, immediately kill your family, is an explosive device, My mercenary is, explosive device detonates, triggered your webcam, piquant websites, my exploit downloaded, replenish btc wallet, i‌nstanta‌neo‌usly ‌erase, actua‌l r‌eco‌rded ma‌t‌eri‌al, n‌egl‌ect this ‌ema‌i‌l, my RAT trojan, video you jerked, I used keylogger, your disk dump, malware intercepts, installed a malware, remo‌v‌e yo‌ur vi‌deo‌ fo‌o‌ta‌ge, RAT onto your computer, greasy stimulating actions, excentric preferrables, porn web-page, to your Tax Department, network will be DDoS, friends, WannaCry, building a protection policy, in Tax Departament, Yours service going, we pass CloudFlare, hear fake-experts, backuped phone, -1663, of your joys, digits your phone, (porno), BIG pervert, both files and scale, naughty video clips, Soy un hacker, I installed spyware, n website with teen, malware on the porn website, very own recorded material, ιs yοur ραssρhrαse, after seeing the video of you jerking off, τhιηκ οf ιτ αs α dοηατιοη, split-screen video, 𝐄𝐧𝐭𝐢𝐫𝐞 𝐯𝐢𝐝𝐞𝐨 𝐜𝐥𝐢𝐩 𝐮𝐧𝐝𝐞𝐫𝐭𝐚𝐤𝐢𝐧𝐠 𝐫𝐚𝐮𝐧𝐜𝐡𝐲 𝐦𝐚𝐭𝐭𝐞𝐫𝐬, 𝐚𝐜𝐭𝐮𝐚𝐥𝐥𝐲 𝐞𝐧𝐭𝐞𝐫𝐞𝐝 𝐭𝐡𝐚𝐭 𝐩𝐨𝐫𝐧𝐨 𝐢𝐧𝐭𝐞𝐫𝐧𝐞𝐭 𝐬𝐢𝐭𝐞, 𝐇𝐨𝐰 𝐰𝐢𝐥𝐥 𝐲𝐨𝐮 𝐩𝐮𝐭 𝐭𝐨𝐠𝐞𝐭𝐡𝐞𝐫 𝐭𝐡𝐞 𝐩𝐚𝐲𝐦𝐞𝐧𝐭"
submitted by EugeneBYMCMB to Scams [link] [comments]

Bitcoin Fullnode Install Guide for Dummies ;-)

Bitcoin Fullnode Install Guide for Dummies ;-)
Feel free to stop at Level 0 or Level 1, which is fine. More advanced configs are offered to those with more tech savvy. This guide, obviously assumes a Windows 10 install, but other OSes work fine, just find a different guide. BTW, the "For Dummies" is a callback to a set of "tech" books in the 90's intended to be as easy as possible. It is in jest and not intended to insult the reader. Finally, if you dislike the formatting, a well formatted copy can be found here
There is a fairly small subset of Bitcoin users that run a full node. I think the idea of running a full node has gotten a bad rap over the years since there is so much talk about running on a Raspberry Pi, or getting zippy SSDs. Although all of this can be fun, it is often not really required at all. Here are some ways to run a full node starting with the very simple. I'll get into more complex configs, but these are all optional.

Tech Skill Level: 0 (the basics)

  1. Download Bitcoin Core
  2. Launch the downloaded installer and install the app
  3. Launch the installed "Bitcoin Core" app and let it run overnight
In many cases, thats it. If your running a new machine with a fairly good internet connection, 8 or 9 hours will be enough to complete the "Initial Block Download" (IBD). This may fill up your drive a bit, but again, on most new machines, 300 GB of space isn't that hard to come by.

Tech Skill Level: 1 (encrypted wallet)

One thing we left out in the level-0 exercise is encrypting your wallet. It's easy enough to do well, but a bit more difficult to do right. The main challenge is that humans generate really poor passwords. If you want a good password, the best way is to use something called "diceware". Basically, you just grab 4 or 5 dice and each throw of the dice represents a certain word on a special list. The throw {1,4,5,3,1} for example would be the word camping on the EFF-diceware-wordlist. So you repeat this a few times until you have a list of 8 or so words which becomes the passphrase you use to encrypt your wallet. Write it down, it is always hard to remember at first. So at level-1 your list becomes:
  1. Download Bitcoin Core
  2. Launch the downloaded installer and install the app
  3. Launch the installed "Bitcoin Core" app and let it run overnight
  4. Choose Encrypt Wallet from the Settings menu
  5. Enter your 8 word (or so) passphrase generated using the Diceware method

Wallet Encryption Dialog

Tech Skill Level: 2 (enable pruning if needed)

Though I said "300 GB of space isn't hard to come by", some times it actually is. If space is an issue, a simple way to fix it is to tell bitcoin to simple take less space. This is called "pruning" and can take that number from 300 GB down to below 5 GB. If you can't find 5 GB, then you'll have to read ahead to level-4 to add USB storage. But the good news is, enabling pruning is pretty easy, we just add another step to our working list:
  1. Download Bitcoin Core
  2. Launch the downloaded installer and install the app
  3. Launch the installed "Bitcoin Core" app and let it run overnight
  4. Do the wallet encryption steps here if you wish
  5. Choose Options from the Settings menu
  6. Choose Prune block storage to: and select the max size for the blocks to use
  7. Exit and restart the bitcoin application for the changes to take effect

Pruning Dialog
Note, even setting this to 1 GB will still leave you with about a 4.5 GB install. The blocks take up a lot of space, but the chainstate and other folders eat up at least 3.5 GB and they can't be pruned. Also, be aware, to disable pruning requires you to perform the entire IBD again. While pruned some other functions my be disabled as well, so just know that pruning does limit some functionality.

Tech Skill Level: 3 (verify the installer)

Although this is arguably something that should be done at level-0, some find the intricacies of comparing hash (thumbprint) values to be tedious and beyond the scope of a beginner. You will find these types of hash compares suggested quite often as a way to prevent running tainted programs. Programs are often tainted by bad disk or network performance, but most often, taint is malicious code inserted by viruses or malware. This is a way to guard yourself against those types of attacks.
What I cover here is a very basic comparison on the certificate, but a more thorough verification advised by mosts uses a program called Gpg4Win, and is beyond the scope of this beginners guide. But regardless, most users should strive to do this minimum level of validation.
  1. Download Bitcoin Core
  2. Launch the downloaded installer
  3. When prompted "Do you want to allow..." click Show more details
  4. In the details section select Show information about the publisher's certificate
  5. In the certificate window select the Details tab
  6. In the Details tab Subject should start with "CN = Bitcoin Core Code Signing Association"
  7. Ensure Thumbprint in Details reads ea27d3cefb3eb715ed214176a5d027e01ba1ee86
  8. If the checks pass, click OK to exit the certificate window and Yes to allow the installer to run.
  9. Launch the installed "Bitcoin Core" app and let it run overnight
  10. Do the wallet encryption steps here if you wish
  11. Do the optional pruning steps here if you wish

Certification Validation Windows
Note: The certificate used to sign the current Bitcoin installer is only valid from March 2020 to March 2021. After that point the thumbprint on the certificate will change. This is by design and intentional. If your reading this post after March 2021, then it is understood that the thumbprint has changed.

Tech Skill Level: 4 (use secondary storage)

We glossed over the "new machine with fairly good internet" part. Truth be known many people do not have fairly new machines, and find the IBD to take longer than the "over night" best wishes. For most people the slowdown is the disk access when calculating what is called chainstate. This requires fast random reads and writes to the disk. If you have an SSD disk, this will be no problem, but if you have a non-SSD "spinning" disk, random writes are always slow. Though an SSD will speed things up, they are pricey, so a nice middle ground may be a simple high-end USB key drive. You can get some with 10 to 15 MB/s random writes for $20 on Amazon. This is usually a order of magnitude faster than a "spinning" disk. And with pruning (see level-2), a small USB drive should be fine.
Once you decide on a drive, the tricky part will be to enable external storage. It requires editing a configuration file and adding a line. First, we want to create a directory on the key drive. You will need to determine the drive letter of your USB key drive. For the sake of this example, we will assume it is D:, but you must determine this yourself and correct the example. Once you know the drive letter, create a blank folder on the drive called Bitcoin. So for this example, creating Bitcoin on drive D: will create the path D:\Bitcoin. Once done, assuming that D: is your drive, here are the new steps including the edit of the configuration file:
  1. Download Bitcoin Core
  2. Launch the installer, verify it, then run it
  3. Launch the installed "Bitcoin Core" app and let it run overnight
  4. Do the wallet encryption steps here if you wish
  5. Do the optional pruning steps here if you wish
  6. Launch "Notepad" by typing "Notepad.exe" in the windows search bar then click Open
  7. Type the line datadir=D:\Bitcoin (depending on your drive letter) in the blank file
  8. Choose Save from the File menu in notepad
  9. Type %APPDATA%\Bitcoin\bitcoin.conf (note the percent signs) in the File name box
  10. Select All Files from the Save as type dropdown
  11. Click the Save button and overwrite the file if prompted
  12. Exit and restart the bitcoin application for the changes to take effect

Save As Dialog
Now that you've reached this level of technical expertise, there are many new configuration options that you can begin to modify if you wish. Most configuration data is contained in the bitcoin.conf file and learning how to maintain it is a key step for a node operator.

Tech Skill Level: 5 (all other customizations)

Here's a short list of various things you can ADD to your bitcoin.conf file. You generally just add a new line for each configuration settings.
  • addresstype=bech32
  • changetype=bech32
The addresstype / changetype allows your wallet to use the native-segwit (bech32) format. This is the most efficient and inexpensive way to spend bitcoin, and is a recommended configuration. The default uses something called p2sh-segwit which is more compatible with older wallets, but more expensive to spend.
  • minrelaytxfee=0.00000011
Changing the minrelaytxfee setting allows you to help propagate lower fee transactions. It will require more memory but TXN memory is capped at 300 MB by default anyways, so if you have enough memory, it is a good setting to choose.
  • dbcache=2048
The dbcache setting controls how many MB of memory the program will use for the chainstate database. Since this is a key bottleneck in the IBD, setting this value high (2048 MB) will greatly speed up the IBD, assuming you have the memory to spare
  • blocksdir=C:\Bitcoin
  • datadir=D:\Bitcoin
In level-4 we discussed moving the datadir to a fast external storage, but the majority of the space used for bitcoin is the blocks directory (blocksdir). Although you should always use for fastest storage for datadir, you are free to use slow storage for blocksdir. So if you only want to consume a small amount of your SSD (assumed D:) then you can keep your blocks on your slow "spinning" drive.
  • upnp=1
One of the harder challenges you may face running a node, is to get incoming connections. If you are lucky, you may find that your firewall and network HW support the uPnP protocol. If they do, this setting will allow bitcoin to configure uPnP to allow incoming connections to your node. Other methods exist to make your node reachable, but they are well beyond the scope of this guide.
submitted by brianddk to Bitcoin [link] [comments]

Everyday info sec, hardcore info sec, and DNMs

Edit: Currently writing a new version of this, dont know when it will be done.
Edit: Since first post I have updated a few sections with additional information.
I recommend reading it all even if it is very long, I might have placed some relevant info in different sections while thinking about what else needed to be added, plenty of steps remains mostly the same except when I comment directly on it. It is not necessary to do 100% security all the time, unless you absolutely need it, combining some high and some lower security ideas for a balance of security and convenience is useful.
I will base this mostly on Windows, Linux users probably know this, and I have no idea how apple machines work (tho many things in here are still relevant for other operating systems, as they are just general tips)
Disclaimer: There are certainly other steps that can make you more anonymous or safer, however I think for most people this will surfice. Any software I recommend should be independently verified for security, and examples of software are not to be taken as endorsements. I simply use examples and give recommendations when I believe it necessary, or helpful.
I will not really differentiate between anonymity and security, they are often the same thing. As such the word security can mean either more anonymous, less vulnerable, or both.
--------
Everyday Simple Info Sec:
-There could be a hidden administrator user on your PC, make sure to change its password
(Snapchat msgs, reddit dms, discord msgs, are just a few examples of msgs that are never encrypted)
-Any info even send in encrypted msgs (and obviously non encrypted) should still be kept with possible deniability, don't say "I'm gonna do MDMA", say "I'm going out with molly."
-DO NOT STORE ANY PASSWORDS ON GOOGLE, IF GOOGLE LOGIN IS AUTHENTICATED IT WILL AUTFILL ALL PASSWORDS IT HAS SAVED (same with other similar services) (This means if you are logged in to chrome and someone has access to your machine, they can auto fill passwords without entering a single password)
-use a rememberable passphrase, especially for your master key ring aka password manager A long sentence that is memorable makes an okay password (decent example,: "I met my wife at Little Ceasers for the first time on 07/09/20" better even if it's just something you know, if its impersonal, and if you can add special characters or numbers that you won't forget) (A better example for a passphrase is: "There is 0nly 0ne letter that d0esn’t appear in any U.S. state nameQ")
-Purge your internet activity frequently, there's a reason why I only have one post, and a few comments appearing in my account, but thousands of kama. Exposing information needlessly is not good.
-Never post private information publicly, and if you do, do it vaguely as possible. (Example: Not "I'm 15", say "I'm a teenager") Do not post any vital information ever, no birthdays, mother's maiden name, age, or anything you have ever seen in a security question. Never post your current activities while they are ongoing. You going on a vacation? Don't announce it to the world, taking picture there? Post them when you are home.
-Rethink how you do security questions. Many answers to security questions can be found in your internet history. One could use the first word of the security question as an answer, or a different sceme that will mean you always remember it. (Security question need to go, the amount of personal info an average person puts on the internet makes it easy to attack anything using security question)
-------_
High level crimimal information security:
The motto here is, "All the Security, All the Time" As one fuck up can end with you leaving a lick of traceability, and you could be fucked.
Pre Note: All of your software should always be up to date. Also even perfect info sec does not guarantee you are completely safe, a new zero day (exploit) can still fuck you, but good info security makes you significantly safer, by eliminating as many attacks as possible.
-Get a new device (or make a already owned device seem like you never owned it, do this only if you know how to, there's a lot of stuff that goes into that, like changing your mac adress etc) buy with cash, and your face covered, preferably far away from where you live. (Do I need to specify to not bring your phone or anything else that tracks your location to anywhere you want to go anonymously?) (Be aware that even hardware can have vulnerabilities, many cpus have known vulnerabilities, I can't list them all, do some research before buying)
-If you know how to use Tails (A linux distro designed for Info sec) use that, preferably on a USB. (Or learn how to use tails, its better, but complicated) Otherwise a clean copy of windows (make sure its not in any way associated with you) can do the job too, tho not as well. (Using a VM might give extra security, since VMs usually erase all data and RAM they were using on shutdown)
-Get a non tracking VPN, Enable the kill switch (a setting that disables all traffic that doesn't go through the VPN) (change your firewall settings to only allow the traffic from the VPN, windows guide (Change settings so only traffic from the tor application is send) Edit: (Due to complaints: do not use vpn over tor, use tor over vpn. tor over vpn has no notable downside, if the VPN logs it makes no difference, your ISP will always log anyways, and vpns remove other attack vectors and also provide backup security should tor fail. Again even if the VPN tracks you only change the people doing the tracking, but now you are further removed making it more anonymous and also with less vulnerabilities)
-rember privacy settings, cookie cleaner, and antivirus, password (There could be a hidden administrator user on your PC, make sure to change its password)
-Always use the device on a non admin account
-Ideally use this device only on networks that are not connected with you. Such as public networks (try to never use the same public networks twice, move around) (a home network should be fine now, as it should never be exposed, but more security is always better) (Its just a conveniences vs security trade)
-Never use accounts that have been exposed to lower security on higher security machines
-your browser is now TOR (or your preferred security focused browser, if you dont plan on using onion ) Make sure you get the standalone version of tor not the addon build (the standalone is safer, because there are less settings and options to tweak)
-Change your tor settings, to safest mode, enable a bridge (to my knowledge there's no difference in security between the build in bridges in tor), enable automatic updates, set duckduckgo onion as your primary browser. Set dark.fail onion page as your home page. (Or your preferred privacy search engine and onion directory)
-------_
How to use dark net markets (DNMs)
If you finished your High Security setup, we can dive right in. Otherwise go do that. This is where all that is essential.
Quick info on Tor, and onion sites. There is no search engine. It's all based of directories and addresses you are given by others. Tor will likely not be very quick, it has to pass through multiple networks to get to the destination. DNMs sometimes exit scam, an exit scam is when a market shuts down completely and takes all the money, this is a risk when using DNMs, it's not too common but happens maybe 0-4 times a year. The admins of thoese servers need to get out at some point, before they get jailed, so they exit the game, and scam everyone out of their money.
-A very useful onion directory is dark.fail it has a lot of links, for all kinds of stuff. News, email, DNMs, Psychonautwiki (harm reduction website), forums etc. (Other directories also exist)
-Pick a market, preferably one that handles secure connection server side instead of requiring you to establish the secure connection. Then create an account. Your account once created should include an entry box in your profile for a pgp key, post your PUBLIC key in there. (Verify the link is not a scam, most markets should provide a pgp signature)
-Next is currency setup. All major cryptocurrency exchangers can be used, I can recommend coin base but there could be better ones out there. Unless you find a small non U.S., exchange, they will always ask for your identity. So unless you can find a trustworthy exchange that doesn't ID, you will need to give it to them. (Side note, all major crypto exchangers report to the IRS, if the IRS asks you if you bought cryptocurrency and you bought while having IDed yourself SAY YES, DO NOT COMMIT TAX FRAUD WHEN THEY KNOW YOU DID)
-Transfer (monero you can send directly, btc you should scramble) to your wallet. There are two options a cold wallet (physical) or a software wallet. Software wallets usually dont cost anything so I recommend them, even if often less safe. Electrum is easy to use, and pretty safe. You can also do your own research and find a wallet that fits your needs.
-now you are ready to buy, only buy using escrow (it means the money is held by the market as a middle man until the product is delivered, they will also handle any issues like wrong quantity, cuts, etc), judge the reviews for a product, and if available look at the history of the vendor, until you find a product from a vendor you trust. (I recommend to buy within your country as much as possible, so it doesn't go through customs, it's very rare that something is found, but it can happen)
-now you get to buy, depending on market, you either have cryptocurrency stored in their wallets (not recommend, you will lose it in an exit scam) or you can send it every order. When you send your delivery adress (or the one you want it to go to) encrypt the adress using the sellers public key. Make sure the adress is correct.
-wait for the product, make sure to extend the escrow until the product arrives, if you can't extend it anymore dispute the order, and a moderator will step in
-test the product, use it, and leave a review. PLEASE LEAVE A REVIEW, DNMs only work because of reviews.
Edit: Didn't imagine I would write over 15000 words. Oh well, it was fun. Hope it helps, if you have any questions feel free to ask.
No idea how long this will stay up, I might purge it in 7 days, or never.
submitted by seven_N_A7 to u/seven_N_A7 [link] [comments]

What I currently use for privacy (after almost 2 years of long investing into it)

First of all, my threat model: I'm just an average person that wants to AVOID the maximum I can to be monitored and tracked by the government and big corps, a lot of people out there REALLY hate me and I've gone through lots of harassment and other stuff, I also plan to take my activism and love for freedom more seriously and to do stuff that could potentially lead me to very high danger or even put my life on the line. That being said, my main focus is on something that is privacy-friendly but also something with decent security (no point having a lot of privacy if a script kiddie can just break into it an boom, everything is gone) anonymity is also desirable but I'm pretty aware that true 100% anonymity is simply not possible and to achieve the maximum you can of it currently you'd have to give up A LOT of stuff in which I don't think I really could. So basically, everything that I said + I don't want to give up some hobbies of mine (as playing games etc)
Here's what I use/have done so far, most of it is based on privacytools.io list and research I've done.
Mobile:
Google Pixel 3a XL running GrapheneOS
Apps: Stock apps (Vanadium, Gallery, Clock, Contacts etc) + F-DROID, NewPipe, OsmAnd+, Joplin, Tutanota, K-9 Mail, Aegis Authenticator, KeePassDX, Syncthing, Signal, Librera PRO, Vinyl, Open Camera and Wireguard.
I also use BlahDNS as my private DNS.
Other smartphone stuff/habits: I use a Supershieldz Anti Spy Tempered Glass Screen Protector on my phone and I also have a Faraday Sleeve from Silent Pocket which my phone is on most of the times (I don't have smartphone addiction and would likely advice you to break free from smartphone addiction if you have it). I NEVER use bluetooth (thank god Pixel 3a have a headphone jack so yeah, no bluetooth earphones here) and always keep my Wi-Fi off if I'm not using it.
Computer:
I have a desktop that I built (specs: Asus B450M Gaming, AMD Ryzen 3 3300X, Radeon RX 580 8GB, 16GB DDR4 2666Mhz, 3TB HDD, 480GB SSD) that is dualbooted with QubesOS and Arch Linux.
Qubes is my main OS that I use as daily driver and for my tasks, I use Arch for gaming.
I've installed linux-hardened and its headers packages on my Arch + further kernel hardening using systctl and boot parameters, AppArmor as my MAC system and bubblewrap for sandboxing programs. I also spoof my MAC address and have restricted root access, I've also protected my GRUB with password (and use encrypted boot) and have enabled Microcode updates and have NTP and IPV6 disabled.
Also on Arch, I use iptables as a firewall denying all incoming traffic, and since it's my gaming PC, I don't game on the OS, instead, I use a KVM/QEMU Windows VM for gaming (search "How I Built The "Poor-Shamed" Computer" video to see what I'm talking about) I also use full disk encryption.
Software/Providers:
E-Mails: I use ProtonMail (Plus Account paid with bitcoin) and Tutanota (free account as they don't accept crypto payment yet, come on Tutanota, I've been waiting for it for 2 years already) since I have plus account on ProtonMail it allows me to use ProtonMail Bridge and use it on Claws Mail (desktop) and K-9 Mail (mobile) as for Tutanota I use both desktop and mobile app.
Some other e-mails habits of mine: I use e-mail aliases (ProtonMail plus account provides you with 5) and each alias is used for different tasks (as one for shopping, one for banking, one for accounts etc) and none of my e-mails have my real name on it or something that could be used to identify me. I also highly avoid using stuff that require e-mail/e-mail verification for usage (e-mail is such a pain in the ass tbh) I also make use of Spamgourmet for stuff like temporary e-mail (best service I found for this doing my research, dunno if it's really the best tho, heard that AnonAddy does kinda the same stuff but dunno, recommendations are welcomed)
Browsers/Search Engine: As mentioned, I use Vanadium (Graphene's stock browser) on mobile as it is the recommended browser by Graphene and the one with the best security for Android, for desktop I use a Hardened Firefox (pretty aware of Firefox's security not being that good, but it's the best browser for PC for me as Ungoogled Chromium is still not there in A LOT of things + inherent problems of Chrome as not being able to disable WebRTC unless you use an extension etc) with ghacks-user.js and uBlock Origin (hard mode), uMatrix (globally blocking first party scripts), HTTPS Everywhere (EASE Mode), Decentraleyes (set the recommended rules for both uBlock Origin and uMatrix) and Temporary Containers as addons. I also use Tor Browser (Safest Mode) on a Whonix VM on Qubes sometimes. DuckDuckGo is my to-go search engine and I use DNS over HTTPS on Firefox (BlahDNS as my provider once again)
browsing habits: I avoid JavaScript the maximum I can, if it's really needed, I just allow the scripts temporarely on uBlock Origin/uMatrix and after I'm done I just disable it. I also generally go with old.reddit.com instead of reddit.com (as JavaScript is not required to browse the old client), nitter.net for checking twitter stuff (although I rarely have something peaking my interest on Twitter) and I use invidious.snopyta.org as youtube front-end (I do however use YouTube sometimes if a video I wanna see can't be played on invidious or if I wanna watch a livestream) and html.duckduckgo.com instead of duckduckgo.com other than avoiding JavaScript most of my browsing habits are just common sense at this point I'd say, I also use privatebin (snopyta's instance) instead of pastebin. I also have multiple firefox profiles for different tasks (personal usage, shopping, banking etc)
VPN: I use Mullvad (guess you can mention it here since it's PTIO's recommended) paid with bitcoin and honestly best service available tbh. I use Mullvad's multihop implementation on Wireguard which I manually set myself as I had the time and patience to learn how.
password manager: KeePassXC on desktop and KeePassDX on my smartphone, my password database for my desktop is stored on a USB flash driver I encrypted with VeraCrypt.
some other software on desktop: LibreOffice (as a Microsoft Office substitute), GIMP (Photshop substitute), Vim (I use it for multiple purposes, mainly coding IDE and as a text editor), VLC (media player), Bisq (bitcoin exchange), Wasabi (bitcoin wallet), OBS (screen recording), Syncthing (file sync), qBitTorrent (torrent client) and Element (federated real-time communication software). I sadly couldn't find a good open-source substitute to Sony Vegas (tested many, but none was in the same level of Vegas imo, KDENLive is okay tho) so I just use it on a VM if I need it (Windows VM solely for the purpose of video editing, not the same one I use for gaming)
Other:
router: I have an Asus RT-AC68U with OpenWRT as its firmware. I also set a VPN on it.
cryptocurrency hardware wallet: I store all of my cryptocurrency (Bitcoin and Monero) on a Ledger Nano S, about 97% of my money is on crypto so a hardware wallet is a must for me.
I have lots of USB flash drivers that I use for Live ISOs and for encrypted backups. I also have a USB Data Blocker from PortaPow that I generally use if I need to charge my cellphone in public or in a hotel while on a trip (rare occasion tbh).
I have a Logitech C920e as webcam and a Blue Yeti microphone in which I never let them plugged, I only plug them if it's necessary and after I'm done I just unplug them.
I also have a Nintendo Switch Lite as a gaming console that I most of the times just use offline, I just connect to the internet if needed for a software update and then just turn the Wi-Fi off from it.
Other Habits/Things I've done:
payments: I simply AVOID using credit card, I try to always pay on cash (I live in a third-world country so thank god most of people here still depend on cash only) physically and online I try my best to either by using cryptocurrency or using gift cards/cash by mail if crypto isn't available. I usually buy crypto on Bisq as I just don't trust any KYC exchange (and neither should you) and since there aren't many people here in my area to do face to face bitcoin trade (and I'm skeptical of face to face tbh), I use the Wasabi Wallet (desktop) to coinjoin bitcoin before buying anything as this allows a bit more of privacy, I also coinjoin on Wasabi before sending my bitcoins to my hardware wallet. I also don't have a high consumerism drive so I'm not constantly wanting to buy everything that I see (which helps a lot on this criteria)
social media/accounts: as noted, aside from Signal and Element (which I don't even use that often) I just don't REALLY use any social media (tried Mastodon for a while but I was honestly felt it kinda desert there and most of its userbase from what I've seen were some people I'd just... rather don't hang with tbh) and, althoug not something necessary is something that I really advise people to as social media is literally a poison to your mind.
I also don't own any streaming service like Netflix/Amazon Prime/Spotify etc, I basically pirate series/movies/songs and that's it.
I've also deleted ALL my old accounts from social media (like Twitter etc) and old e-mails. ALL of my important and main accounts have 2FA enabled and are protected by a strong password (I use KeePass to generate a 35 character lenght password with numbers, capital letters, special symbols etc, each account uses a unique password) I also NEVER use my real name on any account and NEVER post any pictures of myself (I rarely take pictures of stuff if anything)
iot/smart devices: aside from my smartphone, I don't have any IOT/smart device as I honestly see no need for them (and most of them are WAY too expensive on third-world countries)
files: I constatly backup all of my files (each two weeks) on encrypted flash drivers, I also use BleachBit for temporary data cleaning and data/file shredding. I also use Syncthing as a substitute to stuff like Google Drive.
Future plans:
learn to self-host and self-host an e-mail/NextCloud (and maybe even a VPN)
find something like BurneHushed but FOSS (if you know any please let me know)
So, how is it? anything that I should do that I'm probably not doing?
submitted by StunningDistrust to privacytoolsIO [link] [comments]

Technical: Taproot: Why Activate?

This is a follow-up on https://old.reddit.com/Bitcoin/comments/hqzp14/technical_the_path_to_taproot_activation/
Taproot! Everybody wants it!! But... you might ask yourself: sure, everybody else wants it, but why would I, sovereign Bitcoin HODLer, want it? Surely I can be better than everybody else because I swapped XXX fiat for Bitcoin unlike all those nocoiners?
And it is important for you to know the reasons why you, o sovereign Bitcoiner, would want Taproot activated. After all, your nodes (or the nodes your wallets use, which if you are SPV, you hopefully can pester to your wallet vendoimplementor about) need to be upgraded in order for Taproot activation to actually succeed instead of becoming a hot sticky mess.
First, let's consider some principles of Bitcoin.
I'm sure most of us here would agree that the above are very important principles of Bitcoin and that these are principles we would not be willing to remove. If anything, we would want those principles strengthened (especially the last one, financial privacy, which current Bitcoin is only sporadically strong with: you can get privacy, it just requires effort to do so).
So, how does Taproot affect those principles?

Taproot and Your /Coins

Most HODLers probably HODL their coins in singlesig addresses. Sadly, switching to Taproot would do very little for you (it gives a mild discount at spend time, at the cost of a mild increase in fee at receive time (paid by whoever sends to you, so if it's a self-send from a P2PKH or bech32 address, you pay for this); mostly a wash).
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash, so the Taproot output spends 12 bytes more; spending from a P2WPKH requires revealing a 32-byte public key later, which is not needed with Taproot, and Taproot signatures are about 9 bytes smaller than P2WPKH signatures, but the 32 bytes plus 9 bytes is divided by 4 because of the witness discount, so it saves about 11 bytes; mostly a wash, it increases blockweight by about 1 virtual byte, 4 weight for each Taproot-output-input, compared to P2WPKH-output-input).
However, as your HODLings grow in value, you might start wondering if multisignature k-of-n setups might be better for the security of your savings. And it is in multisignature that Taproot starts to give benefits!
Taproot switches to using Schnorr signing scheme. Schnorr makes key aggregation -- constructing a single public key from multiple public keys -- almost as trivial as adding numbers together. "Almost" because it involves some fairly advanced math instead of simple boring number adding, but hey when was the last time you added up your grocery list prices by hand huh?
With current P2SH and P2WSH multisignature schemes, if you have a 2-of-3 setup, then to spend, you need to provide two different signatures from two different public keys. With Taproot, you can create, using special moon math, a single public key that represents your 2-of-3 setup. Then you just put two of your devices together, have them communicate to each other (this can be done airgapped, in theory, by sending QR codes: the software to do this is not even being built yet, but that's because Taproot hasn't activated yet!), and they will make a single signature to authorize any spend from your 2-of-3 address. That's 73 witness bytes -- 18.25 virtual bytes -- of signatures you save!
And if you decide that your current setup with 1-of-1 P2PKH / P2WPKH addresses is just fine as-is: well, that's the whole point of a softfork: backwards-compatibility; you can receive from Taproot users just fine, and once your wallet is updated for Taproot-sending support, you can send to Taproot users just fine as well!
(P2WPKH and P2WSH -- SegWit v0 -- addresses start with bc1q; Taproot -- SegWit v1 --- addresses start with bc1p, in case you wanted to know the difference; in bech32 q is 0, p is 1)
Now how about HODLers who keep all, or some, of their coins on custodial services? Well, any custodial service worth its salt would be doing at least 2-of-3, or probably something even bigger, like 11-of-15. So your custodial service, if it switched to using Taproot internally, could save a lot more (imagine an 11-of-15 getting reduced from 11 signatures to just 1!), which --- we can only hope! --- should translate to lower fees and better customer service from your custodial service!
So I think we can say, very accurately, that the Bitcoin principle --- that YOU are in control of your money --- can only be helped by Taproot (if you are doing multisignature), and, because P2PKH and P2WPKH remain validly-usable addresses in a Taproot future, will not be harmed by Taproot. Its benefit to this principle might be small (it mostly only benefits multisignature users) but since it has no drawbacks with this (i.e. singlesig users can continue to use P2WPKH and P2PKH still) this is still a nice, tidy win!
(even singlesig users get a minor benefit, in that multisig users will now reduce their blockchain space footprint, so that fees can be kept low for everybody; so for example even if you have your single set of private keys engraved on titanium plates sealed in an airtight box stored in a safe buried in a desert protected by angry nomads riding giant sandworms because you're the frickin' Kwisatz Haderach, you still gain some benefit from Taproot)
And here's the important part: if P2PKH/P2WPKH is working perfectly fine with you and you decide to never use Taproot yourself, Taproot will not affect you detrimentally. First do no harm!

Taproot and Your Contracts

No one is an island, no one lives alone. Give and you shall receive. You know: by trading with other people, you can gain expertise in some obscure little necessity of the world (and greatly increase your productivity in that little field), and then trade the products of your expertise for necessities other people have created, all of you thereby gaining gains from trade.
So, contracts, which are basically enforceable agreements that facilitate trading with people who you do not personally know and therefore might not trust.
Let's start with a simple example. You want to buy some gewgaws from somebody. But you don't know them personally. The seller wants the money, you want their gewgaws, but because of the lack of trust (you don't know them!! what if they're scammers??) neither of you can benefit from gains from trade.
However, suppose both of you know of some entity that both of you trust. That entity can act as a trusted escrow. The entity provides you security: this enables the trade, allowing both of you to get gains from trade.
In Bitcoin-land, this can be implemented as a 2-of-3 multisignature. The three signatories in the multisgnature would be you, the gewgaw seller, and the escrow. You put the payment for the gewgaws into this 2-of-3 multisignature address.
Now, suppose it turns out neither of you are scammers (whaaaat!). You receive the gewgaws just fine and you're willing to pay up for them. Then you and the gewgaw seller just sign a transaction --- you and the gewgaw seller are 2, sufficient to trigger the 2-of-3 --- that spends from the 2-of-3 address to a singlesig the gewgaw seller wants (or whatever address the gewgaw seller wants).
But suppose some problem arises. The seller gave you gawgews instead of gewgaws. Or you decided to keep the gewgaws but not sign the transaction to release the funds to the seller. In either case, the escrow is notified, and if it can sign with you to refund the funds back to you (if the seller was a scammer) or it can sign with the seller to forward the funds to the seller (if you were a scammer).
Taproot helps with this: like mentioned above, it allows multisignature setups to produce only one signature, reducing blockchain space usage, and thus making contracts --- which require multiple people, by definition, you don't make contracts with yourself --- is made cheaper (which we hope enables more of these setups to happen for more gains from trade for everyone, also, moon and lambos).
(technology-wise, it's easier to make an n-of-n than a k-of-n, making a k-of-n would require a complex setup involving a long ritual with many communication rounds between the n participants, but an n-of-n can be done trivially with some moon math. You can, however, make what is effectively a 2-of-3 by using a three-branch SCRIPT: either 2-of-2 of you and seller, OR 2-of-2 of you and escrow, OR 2-of-2 of escrow and seller. Fortunately, Taproot adds a facility to embed a SCRIPT inside a public key, so you can have a 2-of-2 Taprooted address (between you and seller) with a SCRIPT branch that can instead be spent with 2-of-2 (you + escrow) OR 2-of-2 (seller + escrow), which implements the three-branched SCRIPT above. If neither of you are scammers (hopefully the common case) then you both sign using your keys and never have to contact the escrow, since you are just using the escrow public key without coordinating with them (because n-of-n is trivial but k-of-n requires setup with communication rounds), so in the "best case" where both of you are honest traders, you also get a privacy boost, in that the escrow never learns you have been trading on gewgaws, I mean ewww, gawgews are much better than gewgaws and therefore I now judge you for being a gewgaw enthusiast, you filthy gewgawer).

Taproot and Your Contracts, Part 2: Cryptographic Boogaloo

Now suppose you want to buy some data instead of things. For example, maybe you have some closed-source software in trial mode installed, and want to pay the developer for the full version. You want to pay for an activation code.
This can be done, today, by using an HTLC. The developer tells you the hash of the activation code. You pay to an HTLC, paying out to the developer if it reveals the preimage (the activation code), or refunding the money back to you after a pre-agreed timeout. If the developer claims the funds, it has to reveal the preimage, which is the activation code, and you can now activate your software. If the developer does not claim the funds by the timeout, you get refunded.
And you can do that, with HTLCs, today.
Of course, HTLCs do have problems:
Fortunately, with Schnorr (which is enabled by Taproot), we can now use the Scriptless Script constuction by Andrew Poelstra. This Scriptless Script allows a new construction, the PTLC or Pointlocked Timelocked Contract. Instead of hashes and preimages, just replace "hash" with "point" and "preimage" with "scalar".
Or as you might know them: "point" is really "public key" and "scalar" is really a "private key". What a PTLC does is that, given a particular public key, the pointlocked branch can be spent only if the spender reveals the private key of the given public key to you.
Another nice thing with PTLCs is that they are deniable. What appears onchain is just a single 2-of-2 signature between you and the developemanufacturer. It's like a magic trick. This signature has no special watermarks, it's a perfectly normal signature (the pledge). However, from this signature, plus some datta given to you by the developemanufacturer (known as the adaptor signature) you can derive the private key of a particular public key you both agree on (the turn). Anyone scraping the blockchain will just see signatures that look just like every other signature, and as long as nobody manages to hack you and get a copy of the adaptor signature or the private key, they cannot get the private key behind the public key (point) that the pointlocked branch needs (the prestige).
(Just to be clear, the public key you are getting the private key from, is distinct from the public key that the developemanufacturer will use for its funds. The activation key is different from the developer's onchain Bitcoin key, and it is the activation key whose private key you will be learning, not the developer's/manufacturer's onchain Bitcoin key).
So:
Taproot lets PTLCs exist onchain because they enable Schnorr, which is a requirement of PTLCs / Scriptless Script.
(technology-wise, take note that Scriptless Script works only for the "pointlocked" branch of the contract; you need normal Script, or a pre-signed nLockTimed transaction, for the "timelocked" branch. Since Taproot can embed a script, you can have the Taproot pubkey be a 2-of-2 to implement the Scriptless Script "pointlocked" branch, then have a hidden script that lets you recover the funds with an OP_CHECKLOCKTIMEVERIFY after the timeout if the seller does not claim the funds.)

Quantum Quibbles!

Now if you were really paying attention, you might have noticed this parenthetical:
(technical details: a Taproot output is 1 version byte + 32 byte public key, while a P2WPKH (bech32 singlesig) output is 1 version byte + 20 byte public key hash...)
So wait, Taproot uses raw 32-byte public keys, and not public key hashes? Isn't that more quantum-vulnerable??
Well, in theory yes. In practice, they probably are not.
It's not that hashes can be broken by quantum computes --- they're still not. Instead, you have to look at how you spend from a P2WPKH/P2PKH pay-to-public-key-hash.
When you spend from a P2PKH / P2WPKH, you have to reveal the public key. Then Bitcoin hashes it and checks if this matches with the public-key-hash, and only then actually validates the signature for that public key.
So an unconfirmed transaction, floating in the mempools of nodes globally, will show, in plain sight for everyone to see, your public key.
(public keys should be public, that's why they're called public keys, LOL)
And if quantum computers are fast enough to be of concern, then they are probably fast enough that, in the several minutes to several hours from broadcast to confirmation, they have already cracked the public key that is openly broadcast with your transaction. The owner of the quantum computer can now replace your unconfirmed transaction with one that pays the funds to itself. Even if you did not opt-in RBF, miners are still incentivized to support RBF on RBF-disabled transactions.
So the extra hash is not as significant a protection against quantum computers as you might think. Instead, the extra hash-and-compare needed is just extra validation effort.
Further, if you have ever, in the past, spent from the address, then there exists already a transaction indelibly stored on the blockchain, openly displaying the public key from which quantum computers can derive the private key. So those are still vulnerable to quantum computers.
For the most part, the cryptographers behind Taproot (and Bitcoin Core) are of the opinion that quantum computers capable of cracking Bitcoin pubkeys are unlikely to appear within a decade or two.
So:
For now, the homomorphic and linear properties of elliptic curve cryptography provide a lot of benefits --- particularly the linearity property is what enables Scriptless Script and simple multisignature (i.e. multisignatures that are just 1 signature onchain). So it might be a good idea to take advantage of them now while we are still fairly safe against quantum computers. It seems likely that quantum-safe signature schemes are nonlinear (thus losing these advantages).

Summary

I Wanna Be The Taprooter!

So, do you want to help activate Taproot? Here's what you, mister sovereign Bitcoin HODLer, can do!

But I Hate Taproot!!

That's fine!

Discussions About Taproot Activation

submitted by almkglor to Bitcoin [link] [comments]

Some newbie questions about Trezor device and bitcoin wallets

Greetings
I have never owned bitcoin before, but I studied how it works, so I think I have some understanding. I also studied options and it seems hardware wallet is the way to go for safety reasons.
So, question number One, am I correct that:
Unlike a bank account, where you keep one account usually, with bitcoin you keep generating new addresses, so if you own 1 bitcoin, you don't store it on one address, rather, you own many addresses, each containing part of your bitcoin, and when you spend, you just expend some of the addresses and throw them away, and when you receive, you generate new addresses for every transaction, so you accumulate these addresses that each are like a banknote of sorts, each having their own nominal value, and then you spend those banknotes and never use those addresses again. Right?
Question number Two, am I correct that:
All the addresses are generated from a certain big number, "master key" of sorts, which is private to me, which can be written in a form of "seed" which is what the device will give me when initialized, which is what I can use to recover my master key if I lose or break the device?
Question number Three, who does the address generation for bitcoin wallets for new incoming transactions? I assume it's the online wallet Trezor uses, right? So the device does not store any addresses of bitcoin wallets, right? It only stores my master key?
Assuming all are correct, can you please explain, in simpliest terms, how do I restore these addresses themselves, should Trezor online wallet be unavailable? I mean, it's hardly a possibility, but assume I have my seed, or even my Trezor device, but Trezor online wallet is unavailable. Assume I made hundreds of bitcoin transactions and my bitcoin is stored in hundreds of small pieces on different addresses. How do I recover all those? How do I know when to stop, when I have recovered them all? Assuming I don't know the amount I totally own by heart, so I cannot know when to stop (When I found all my bitcoin)?
I mean, it's unlimited, right, the amount of bitcoin addresses that can be generated from my "master key" of my Trezor? So how do I know which of them contain bitcoin? Like, say I have used 200 of them and 100 of them still contain bitcoins, and I lose the device, and have to restore from seed, how does it know that it has to generate only those 200, like, how does it know it doesnt have to generate more addresses, maybe those other addresses contain some bitcoin on them too?
Or does it, generate them always in the same order, so if it sees only blank unused addresses, it assumes it's time to stop? Like, if address 0-200 are all used but 200-300 are all unused still, it assumes it's fine to stop checking?
Also, on an unrelated note, how can I be sure I made no mistake in recording the seed? Can I just wipe the device and restore it from seed right after initializing it and receiving a small bitcoin transaction, to test it and be sure that I can recover my bitcoin in case I lose it? Is the device unlimited in terms of how many times it can be wiped and restored?
Thanks in advance!
submitted by RPMahoutsukai to TREZOR [link] [comments]

/r/Scams Common Scam Master Post

Hello visitors and subscribers of scams! Here you will find a master list of common (and uncommon) scams that you may encounter online or in real life. Thank you to the many contributors who helped create this thread!

If you know of a scam that is not covered here, write a comment and it will be added to the next edition.

Previous threads: https://old.reddit.com/Scams/search?q=common+scams+master+post&restrict_sr=on
Blackmail email scam thread: https://www.reddit.com/Scams/comments/jij7zf/the_blackmail_email_scam_part_6/
Some of these articles are from small, local publications and refer to the scam happening in a specific area. Do not think that this means that the scam won't happen in your area.

Spoofing

Caller ID spoofing
It is very easy for anyone to make a phone call while having any number show up on the caller ID of the person receiving the phone call. Receiving a phone call from a certain number does not mean that the person/company who owns that number has actually called you.
Email spoofing
The "from" field of an email can be set by the sender, meaning that you can receive scam emails that look like they are from legitimate addresses. It's important to never click links in emails unless absolutely necessary, for example a password reset link you requested or an account activation link for an account you created.
SMS spoofing
SMS messages can be spoofed, so be wary of messages that seem to be from your friends or other trusted people.

The most common scams

The fake check scam (Credit to nimble2 for this part)
The fake check scam arises from many different situations (for instance, you applied for a job, or you are selling something on a place like Craigslist, or someone wants to purchase goods or services from your business, or you were offered a job as a mystery shopper, you were asked to wrap your car with an advertisement, or you received a check in the mail for no reason), but the bottom line is always something like this:
General fraudulent funds scams If somebody is asking you to accept and send out money as a favour or as part of a job, it is a fraudulent funds scam. It does not matter how they pay you, any payment on any service can be fraudulent and will be reversed when it is discovered to be fraudulent.
Phone verification code scams Someone will ask you to receive a verification text and then tell you to give them the code. Usually the code will come from Google Voice, or from Craigslist. In the Google version of the scam, your phone number will be used to verify a Google Voice account that the scammer will use to scam people with. In the Craigslist version of the scam, your phone number will be used to verify a Craigslist posting that the scammer will use to scam people. There is also an account takeover version of this scam that will involve the scammer sending a password reset token to your phone number and asking you for it.
Bitcoin job scams
Bitcoin job scams involve some sort of fraudulent funds transfer, usually a fake check although a fraudulent bank transfer can be used as well. The scammer will send you the fraudulent money and ask you to purchase bitcoins. This is a scam, and you will have zero recourse after you send the scammer bitcoins.
Email flooding
If you suddenly receive hundreds or thousands of spam emails, usually subscription confirmations, it's very likely that one of your online accounts has been taken over and is being used fraudulently. You should check any of your accounts that has a credit card linked to it, preferably from a computer other than the one you normally use. You should change all of your passwords to unique passwords and you should start using two factor authentication everywhere.
Cartel scam
You will be threatened by scammers who claim to be affiliated with a cartel. They may send you gory pictures and threaten your life and the lives of your family. Usually the victim will have attempted to contact an escort prior to the scam, but sometimes the scammers target people randomly. If you are targeted by a cartel scam all you need to do is ignore the scammers as their threats are clearly empty.
Boss/CEO scam A scammer will impersonate your boss or someone who works at your company and will ask you to run an errand for them, which will usually be purchasing gift cards and sending them the code. Once the scammer has the code, you have no recourse.
Employment certification scams
You will receive a job offer that is dependent on you completing a course or receiving a certification from a company the scammer tells you about. The scammer operates both websites and the job does not exist.
Craigslist fake payment scams
Scammers will ask you about your item that you have listed for sale on a site like Craigslist, and will ask to pay you via Paypal. They are scamming you, and the payment in most cases does not actually exist, the email you received was sent by the scammers. In cases where you have received a payment, the scammer can dispute the payment or the payment may be entirely fraudulent. The scammer will then either try to get you to send money to them using the fake funds that they did not send to you, or will ask you to ship the item, usually to a re-shipping facility or a parcel mule.
Craigslist Carfax/vehicle history scam
You'll encounter a scammer on Craigslist who wants to buy the vehicle you have listed, but they will ask for a VIN report from a random site that they have created and they will expect you to pay for it.
Double dip/recovery scammers
This is a scam aimed at people who have already fallen for a scam previously. Scammers will reach out to the victim and claim to be able to help the victim recover funds they lost in the scam.
General fraudulent funds scams The fake check scam is not the only scam that involves accepting fraudulent/fake funds and purchasing items for scammers. If your job or opportunity involves accepting money and then using that money, it is almost certainly a frauduent funds scam. Even if the payment is through a bank transfer, Paypal, Venmo, Zelle, Interac e-Transfer, etc, it does not matter.
Credit card debt scam
Fraudsters will offer to pay off your bills, and will do so with fraudulent funds. Sometimes it will be your credit card bill, but it can be any bill that can be paid online. Once they pay it off, they will ask you to send them money or purchase items for them. The fraudulent transaction will be reversed in the future and you will never be able to keep the money. This scam happens on sites like Craigslist, Twitter, Instagram, and also some dating sites, including SeekingArrangement.
The parcel mule scam
A scammer will contact you with a job opportunity that involves accepting and reshipping packages. The packages are either stolen or fraudulently obtained items, and you will not be paid by the scammer. Here is a news article about a scam victim who fell for this scam and reshipped over 20 packages containing fraudulently acquired goods.
The Skype sex scam
You're on Facebook and you get a friend request from a cute girl you've never met. She wants to start sexting and trading nudes. She'll ask you to send pictures or videos or get on webcam where she can see you naked with your face in the picture. The scam: There's no girl. You've sent nudes to a guy pretending to be a girl. As soon as he has the pictures he'll demand money and threaten to send the pictures to your friends and family. Sometimes the scammer will upload the video to a porn site or Youtube to show that they are serious.
What to do if you are a victim of this scam: You cannot buy silence, you can only rent it. Paying the blackmailer will show them that the information they have is valuable and they will come after you for more money. Let your friends and family know that you were scammed and tell them to ignore friend requests or messages from people they don't know. Also, make sure your privacy settings are locked down and consider deactivating your account.
The underage girl scam
You're on a dating site or app and you get contacted by a cute girl. She wants to start sexting and trading nudes. Eventually she stops communicating and you get a call from a pissed off guy claiming to be the girl's father, or a police officer, or a private investigator, or something else along those lines. Turns out the girl you were sexting is underage, and her parents want some money for various reasons, such as to pay for a new phone, to pay for therapy, etc. There is, of course, no girl. You were communicating with a scammer.
What to do if you are a victim of this scam: Stop picking up the phone when the scammers call. Do not pay them, or they will be after you for more money.
Phishing
Phishing is when a scammer tries to trick you into giving information to them, such as your password or private financial information. Phishing messages will usually look very similar to official messages, and sometimes they are identical. If you are ever required to login to a different account in order to use a service, you should be incredibly cautious.
The blackmail email scam part 5: https://old.reddit.com/Scams/comments/g8jqnthe_blackmail_email_scam_part_5/
PSA: you did not win a giftcard: https://old.reddit.com/Scams/comments/fffmle/psa_you_did_not_win_a_gift_card/
Sugar scams
Sugar scammers operate all over the internet and usually come in two varieties: advance-fee scams where the scammer will ask for a payment from you before sending you lots of money, and fake check style scams where the scammer will either pull a classic fake check scam, or will do a "bill pay" style scam that involves them paying your bills, or them giving you banking information to pay your bills. If you encounter these scammers, report their accounts and move on.
Google Hangouts
Google Hangouts is a messaging platform used extensively by all kinds of scammers. If you are talking with someone online and they want you to switch to Hangouts, they are likely a scammer and you should proceed with caution.
Publishers Clearing House scams
PCH scams are often advance-fee scams, where you will be promised lots of money after you make an initial payment. You will never need to pay if you win money from the real PCH.
Pet scams
You are looking for a specific breed of puppy, bird, or other pet. You come across a nice-looking website that claims to be breeding them and has some available right now - they may even be on sale! The breeders are not local to your area (and may not even list a physical location) but they assure you they can safely ship the pet to you after a deposit or full payment. If you go through with the payment, you will likely be contacted by the "shipper" who will inform you about an unexpected shipping/customs/processing fee required to deliver your new pet. But there was never any pet, both the "breeder" and the "shipper" are scammers, typically operating out of Africa. These sites are rampant and account for a large percentage of online pet seller websites - they typically have a similar layout/template (screenshot - example)
If you are considering buying a pet online, some easy things to check are: (1) The registration date of the domain (if it was created recently it is likely a scam website) (2) Reverse image search the pictures of available pets - you will usually find other scam websites using the same photos. (3) Copy a sentence/section of the text from the "about us" page and put it into google (in quotes) - these scammers often copy large parts of their website's text from other places. (4) Search for the domain name and look for entries on petscams.com or other scam-tracking sites. (5) Strongly consider buying/adopting your pet from a local shelter or breeder where you can see the animal in person before putting any money down.
Thanks to djscsi for this entry.
Fake shipping company scams
These scams usually start when you try to buy something illegal online. You will be scammed for the initial payment, and then you will receive an email from the fake shipping company telling you that you need to pay them some sort of fee or bribe. If you pay this, they will keep trying to scam you with increasingly absurd stories until you stop paying, at which point they will blackmail you. If you are involved in this scam, all you can do is ignore the scammers and move on, and try to dispute your payments if possible.
Chinese Upwork scam
Someone will ask you to create an Upwork or other freelancer site account for them and will offer money in return. You will not be paid, and they want to use the accounts to scam people.
Quickbooks invoice scam
This is a fake check style scam that takes advantage of Quickbooks.
The blackmail email scam The exact wording of the emails varies, but there are generally four main parts. They claim to have placed software/malware on a porn/adult video site, they claim to have a video of you masturbating or watching porn, they threaten to release the video to your friends/family/loved ones/boss/dog, and they demand that you pay them in order for them to delete the video. Rest assured that this is a very common spam campaign and there is no truth behind the email or the threats. Here are some news articles about this scam.
The blackmail mail scam
This is very similar to the blackmail email scam, but you will receive a letter in the mail.
Rental scams Usually on local sites like Craigslist, scammers will steal photos from legitimate real estate listings and will list them for rent at or below market rate. They will generally be hesitant to tell you the address of the property for "safety reasons" and you will not be able to see the unit. They will then ask you to pay them a deposit and they claim they will ship you the keys. In reality, your money is gone and you will have no recourse.
Craigslist vehicle scams A scammer will list a vehicle on Craigslist and will offer to ship you the car. In many cases they will also falsely claim to sell you the car through eBay or Amazon. If you are looking for a car on Craigslist and the seller says anything about shipping the car, having an agent, gives you a long story about why they are selling the car, or the listing price is far too low, you are talking to a scammer and you should ignore and move on.
Advance-fee scam, also known as the 419 scam, or the Nigerian prince scam. You will receive a communication from someone who claims that you are entitled to a large sum of money, or you can help them obtain a large sum of money. However, they will need money from you before you receive the large sum.
Man in the middle scams
Man in the middle scams are very common and very hard to detect. The scammer will impersonate a company or person you are legitimately doing business with, and they will ask you to send the money to one of their own bank accounts or one controlled by a money mule. They have gained access to the legitimate persons email address, so there will be nothing suspicious about the email. To prevent this, make contact in a different way that lets you verify that the person you are talking to is the person you think you are talking to.
Digit wallet scam
A variation of the fake check scam, the scammer sends you money through a digital wallet (i.e. Venmo, Apple Pay, Zelle, Cash App) along with a message claiming they've sent the money to the wrong person and a request to send the money back. Customer service for these digital wallets may even suggest that you send the money back. However, the money sent is from a stolen credit card and will be removed from your account after a few days. Your transfer is not reversed since it came from your own funds.
Cam girl voting/viewer scam
You will encounter a "cam girl" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to go to their site and sign up with your credit card. They may offer a free show, or ask you to vote for them, or any number of other fake stories.
Amateur porn recruitment scam
You will encounter a "pornstar" on a dating/messaging/social media/whatever site/app, and the scammer will ask you to create an adult film with hehim, but first you need to do something. The story here is usually something to do with verifying your age, or you needing to take an STD test that involves sending money to a site operated by the scammer.
Hot girl SMS spam
You receive a text from a random number with a message along the lines of "Hey babe I'm here in town again if you wanted to meet up this time, are you around?" accompanied by a NSFW picture of a hot girl. It's spam, and they'll direct you to their scam website that requires a credit card.
Identity verification scam
You will encounter someone on a dating/messaging/social media/whatever site/app, and the scammer will ask that you verify your identity as they are worried about catfishing. The scammer operates the site, and you are not talking to whoever you think you are talking to.
This type of scam teases you with something, then tries to make you sign up for something else that costs money. The company involved is often innocent, but they turn a blind eye to the practice as it helps their bottom line, even if they have to occasionally issue refunds. A common variation takes place on dating sites/dating apps, where you will match with someone who claims to be a camgirl who wants you to sign up for a site and vote for her. Another variation takes place on local sites like Craigslist, where the scammers setup fake rental scams and demand that you go through a specific service for a credit check. Once you go through with it, the scammer will stop talking to you. Another variation also takes place on local sites like Craigslist, where scammers will contact you while you are selling a car and will ask you to purchase a Carfax-like report from a specific website.
Multi Level Marketing or Affiliate Marketing
You apply for a vague job listing for 'sales' on craigslist. Or maybe an old friend from high school adds you on Facebook and says they have an amazing business opportunity for you. Or maybe the well dressed guy who's always interviewing people in the Starbucks that you work at asks if you really want to be slinging coffee the rest of your life. The scam: MLMs are little more than pyramid schemes. They involve buying some sort of product (usually snake oil health products like body wraps or supplements) and shilling them to your friends and family. They claim that the really money is recruiting people underneath you who give you a slice of whatever they sell. And if those people underneath you recruit more people, you get a piece of their sales. Ideally if you big enough pyramid underneath you the money will roll in without any work on your part. Failure to see any profit will be your fault for not "wanting it enough." The companies will claim that you need to buy their extra training modules or webinars to really start selling. But in reality, the vast majority of people who buy into a MLM won't see a cent. At the end of the day all you'll be doing is annoying your friends and family with your constant recruitment efforts. What to look out for: Recruiters love to be vague. They won't tell you the name of the company or what exactly the job will entail. They'll pump you up with promises of "self-generating income", "being your own boss", and "owning your own company." They might ask you to read books about success and entrepreneurs. They're hoping you buy into the dream first. If you get approached via social media, check their timelines. MLMs will often instruct their victims to pretend that they've already made it. They'll constantly post about how they're hustling and making the big bucks and linking to youtube videos about success. Again, all very vague about what their job actually entails. If you think you're being recruited: Ask them what exactly the job is. If they can't answer its probably a MLM. Just walk away.

Phone scams

You should generally avoid answering or engaging with random phone calls. Picking up and engaging with a scam call tells the scammers that your phone number is active, and will usually lead to more calls.
Tax Call
You get a call from somebody claiming to be from your countries tax agency. They say you have unpaid taxes that need to be paid immediately, and you may be arrested or have other legal action taken against you if it is not paid. This scam has caused the American IRS, Canadian CRA, British HMRC, and Australian Tax Office to issue warnings. This scam happens in a wide variety of countries all over the world.
Warrant Call
Very similar to the tax call. You'll get a phone call from an "agent", "officer", "sheriff", or other law enforcement officer claiming that there is a warrant out for your arrest and you will be arrested very soon. They will then offer to settle everything for a fee, usually paid in giftcards.
[Legal Documents/Process Server Calls]
Very similar to the warrant call. You'll get a phone call from a scammer claiming that they are going to serve you legal documents, and they will threaten you with legal consequences if you refuse to comply. They may call themselves "investigators", and will sometimes give you a fake case number.
Student Loan Forgiveness Scam
Scammers will call you and tell you about a student loan forgiveness program, but they are interested in obtaining private information about you or demanding money in order to join the fake program.
Tech Support Call You receive a call from someone with a heavy accent claiming to be a technician Microsoft or your ISP. They inform you that your PC has a virus and your online banking and other accounts may be compromised if the virus is not removed. They'll have you type in commands and view diagnostics on your PC which shows proof of the virus. Then they'll have you install remote support software so the technician can work on your PC, remove the virus, and install security software. The cost of the labor and software can be hundreds of dollars. The scam: There's no virus. The technician isn't a technician and does not work for Microsoft or your ISP. Scammers (primarily out of India) use autodialers to cold-call everyone in the US. Any file they point out to you or command they have you run is completely benign. The software they sell you is either freeware or ineffective. What to do you if you're involved with this scam: If the scammers are remotely on your computer as you read this, turn off your PC or laptop via the power button immediately, and then if possible unplug your internet connection. Some of the more vindictive tech scammers have been known to create boot passwords on your computer if they think you've become wise to them and aren't going to pay up. Hang up on the scammers, block the number, and ignore any threats about payment. Performing a system restore on your PC is usually all that is required to remove the scammer's common remote access software. Reports of identity theft from fake tech calls are uncommon, but it would still be a good idea to change your passwords for online banking and monitor your accounts for any possible fraud. How to avoid: Ignore any calls claiming that your PC has a virus. Microsoft will never contact you. If you're unsure if a call claiming to be from your ISP is legit, hang up, and then dial the customer support number listed on a recent bill. If you have elderly relatives or family that isn't tech savvy, take the time to fill them in on this scam.
Chinese government scam
This scam is aimed at Chinese people living in Europe and North America, and involves a voicemail from someone claiming to be associated with the Chinese government, usually through the Chinese consulate/embassy, who is threatening legal action or making general threats.
Chinese shipping scam
This scam is similar to the Chinese government scam, but involves a seized/suspicious package, and the scammers will connect the victim to other scammers posing as Chinese government investigators.
Social security suspension scam
You will receive a call from someone claiming to work for the government regarding suspicious activity, fraud, or serious crimes connected to your social security number. You'll be asked to speak to an operator and the operator will explain the steps you need to follow in order to fix the problems. It's all a scam, and will lead to you losing money and could lead to identity theft if you give them private financial information.
Utilities cutoff
You get a call from someone who claims that they are from your utility company, and they claim that your utilities will be shut off unless you immediately pay. The scammer will usually ask for payment via gift cards, although they may ask for payment in other ways, such as Western Union or bitcoin.
Relative in custody Scammer claims to be the police, and they have your son/daughtenephew/estranged twin in custody. You need to post bail (for some reason in iTunes gift cards or MoneyGram) immediately or the consequences will never be the same.
Mexican family scam
This scam comes in many different flavours, but always involves someone in your family and Mexico. Sometimes the scammer will claim that your family member has been detained, sometimes the scammer will claim that your family member has been kidnapped, and sometimes the scammer will claim that your family member is injured and needs help.
General family scams
Scammers will gather a large amount of information about you and target your family members using different stories with the goal of gettimg them to send money.
One ring scam
Scammers will call you from an international number with the goal of getting you to return their call, causing you to incur expensive calling fees.

Online shopping scams

THE GOLDEN RULE OF ONLINE SHOPPING: If it sounds too good to be true, it probably is.
Dropshipping
An ad on reddit or social media sites like Facebook and Instagram offers items at huge discounts or even free (sometimes requiring you to reblog or like their page). They just ask you to pay shipping. The scam: The item will turn out to be very low quality and will take weeks or even months to arrive. Sometimes the item never arrives, and the store disappears or stops responding. The seller drop-ships the item from China. The item may only cost a few dollars, and the Chinese government actually pays for the shipping. You end up paying $10-$15 dollars for a $4 item, with the scammer keeping the profit. If you find one of these scams but really have your heart set on the item, you can find it on AliExpress or another Chinese retailer.
Influencer scams
A user will reach out to you on a social media platform, usually Instagram, and offer you the chance to partner with them and receive a free/discounted product, as long as you pay shipping. This is a different version of the dropshipping scam, and is just a marketing technique to get you to buy their products.
Triangulation fraud
Triangulation fraud occurs when you make a purchase on a site like Amazon or eBay for an item at a lower than market price, and receive an item that was clearly purchased new at full price. The scammer uses a stolen credit card to order your item, while the money from the listing is almost all profit for the scammer.
Instagram influencer scams
Someone will message you on Instagram asking you to promote their products, and offering you a discount code. The items are Chinese junk, and the offer is made to many people at a time.
Cheap Items
Many websites pop up and offer expensive products, including electronics, clothes, watches, sunglasses, and shoes at very low prices. The scam: Some sites are selling cheap knock-offs. Some will just take your money and run. What to do if you think you're involved with this scam: Contact your bank or credit card and dispute the charge. How to avoid: The sites often have every brand-name shoe or fashion item (Air Jordan, Yeezy, Gucci, etc) in stock and often at a discounted price. The site will claim to be an outlet for a major brand or even a specific line or item. The site will have images at the bottom claiming to be Secured by Norton or various official payment processors but not actual links. The site will have poor grammar and a mish-mash of categories. Recently, established websites will get hacked or their domain name jacked and turned into scam stores, meaning the domain name of the store will be completely unrelated to the items they're selling. If the deal sounds too good to be true it probably is. Nobody is offering brand new iPhones or Beats or Nintendo Switches for 75% off.
Cheap Amazon 3rd Party Items
You're on Amazon or maybe just Googling for an item and you see it for an unbelievable price from a third-party seller. You know Amazon has your back so you order it. The scam: One of three things usually happen: 1) The seller marks the items as shipped and sends a fake tracking number. Amazon releases the funds to the seller, and the seller disappears. Amazon ultimately refunds your money. 2) The seller immediately cancels the order and instructs you to re-order the item directly from their website, usually with the guarantee that the order is still protected by Amazon. The seller takes your money and runs. Amazon informs you that they do not offer protection on items sold outside of Amazon and cannot help you. 2) The seller immediately cancels the order and instructs you to instead send payment via an unused Amazon gift card by sending the code on the back via email. Once the seller uses the code, the money on the card is gone and cannot be refunded. How to avoid: These scammers can be identified by looking at their Amazon storefronts. They'll be brand new sellers offering a wide range of items at unbelievable prices. Usually their Amazon names will be gibberish, or a variation on FIRSTNAME.LASTNAME. Occasionally however, established storefronts will be hacked. If the deal is too good to be true its most likely a scam.
Scams on eBay
There are scams on eBay targeting both buyers and sellers. As a seller, you should look out for people who privately message you regarding the order, especially if they ask you to ship to a different address or ask to negotiate via text/email/a messaging service. As a buyer you should look out for new accounts selling in-demand items, established accounts selling in-demand items that they have no previous connection to (you can check their feedback history for a general idea of what they bought/sold in the past), and lookout for people who ask you to go off eBay and use another service to complete the transaction. In many cases you will receive a fake tracking number and your money will be help up for up to a month.
Scams on Amazon
There are scams on Amazon targeting both buyers and sellers. As a seller, you should look out for people who message you about a listing. As a buyer you should look out for listings that have an email address for you to contact the person to complete the transaction, and you should look out for cheap listings of in-demand items.
Scams on Reddit
Reddit accounts are frequently purchased and sold by fraudsters who wish to use the high karma count + the age of the account to scam people on buy/sell subreddits. You need to take precautions and be safe whenever you are making a transaction online.
Computer scams
Virus scam
A popup or other ad will say that you have a virus and you need to follow their advice in order to remove it. They are lying, and either want you to install malware or pay for their software.

Assorted scams

Chinese Brushing / direct shipping
If you have ever received an unsolicited small package from China, your address was used to brush. Vendors place fake orders for their own products and send out the orders so that they can increase their ratings.
Money flipping
Scammer claims to be a banking insider who can double/triple/bazoople any amount of money you send them, with no consequences of any kind. Obviously, the money disappears into their wallet the moment you send it.

General resources

Site to report scams in the United Kingdom: http://www.actionfraud.police.uk/
Site to report scams in the United States: https://www.ic3.gov/default.aspx
Site to report scams in Canada: www.antifraudcentre-centreantifraude.ca/reportincident-signalerincident/index-eng.htm
Site to report scams in Europe: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
FTC scam alerts: https://www.consumer.ftc.gov/scam-alerts
Microsoft's anti-scam guide: https://www.microsoft.com/en-us/safety/online-privacy/avoid-phone-scams.aspx
https://www.usa.gov/common-scams-frauds
https://www.usa.gov/scams-and-frauds
https://www.consumer.ftc.gov/features/scam-alerts
https://www.fbi.gov/scams-and-safety/common-fraud-schemes
submitted by EugeneBYMCMB to Scams [link] [comments]

Bitcoin Wallet Generator How Bitcoin Wallets Work (Public & Private Key Explained ... Coinbase - How to Find your Bitcoin wallet address - YouTube What is a Bitcoin Wallet? (in Plain English) - YouTube Hardware Bitcoin Brain Wallet Generator

The "Bitcoin Generator" stores the generated Bitcoins in a store called "wallet". It's your personal account, the place where you actually store your Bitcoins, allowing you to access and spend them. Once your generation process has been verified, Bitcoins will be added to your wallet. The Generation process has been simplified nowadays. Although, it hasn't been always like that. Through time ... A Bitcoin Address is an ID of 26-35 alphanumeric numbers, that represents a possible destination for an (incoming) Bitcoin payment for example to a Bitcoin Wallet. A Bitcoin wallet address, which is a hash of the corresponding public key, always starts either with number 1 or with the number 3. It generates a small number of BTC to your account. All you need is a wallet (preferably Blockchain) and access to it. This wallet is your personal account, storage place for your funds. It allows you access to your BTC, storage and ability to spend them. Step-by-Step Guide to Generate BTC Login into your wallet. Find your 'Wallet Address', commonly present once you press on the "Request ... Bitcoin Paper Wallet Generator V4 - Open Source Client-side Next > Please move your mouse and/or type random keystrokes into this box: Secure random number generation requires that you provide some unpredictable data, also called "entropy". Skip » You may safely skip this step if you do not need to use the random wallet generator. Next Step > Print Your Front Wallet PRINT ! Next Step ... The Bitcoin Generator system uses peer-to-peer technology to work without central authority or banks. Transaction management and output from Bitcoin are shared across the network. Bitcoin is open source; The design is public, nobody owns or controls Bitcoin and everyone can be part of this trend. With many of its unique features, Bitcoin offers interesting uses that no previous payment system ...

[index] [47855] [18574] [31869] [18613] [24623] [8670] [28712] [25117] [35550] [7425]

Bitcoin Wallet Generator

Wallets in cryptocurrency work in a weird way. They also have some weird properties like: they can be created offline and be used directly. Whut? Let's see h... Bitcoin Wallet Generator BITCOIN PRICE , BITCOIN FUTURE in doubt http://youtu.be/eO-yrpQpIT8 What is NAMECOIN BITCOIN'S First Fork http://youtu.be/oBkhPhu3_B4 Start trading Bitcoin and cryptocurrency here: http://bit.ly/2Vptr2X A Bitcoin wallet is a device or program that stores your private keys and allows you to ... Unlike a bank account number, a Bitcoin wallet can generate an unlimited number of Bitcoin addresses, which can be used to identify incoming funds from regular payers, or even as a way of ... If you want to someone to send you money to your Bitcoin account, Give them this address. you may donate to our network via Bitcoin as well :) Bitcoin addres...

#